Lucene search

Kaspersky LabKLA11696

HistoryAug 06, 2019 - 12:00 a.m.

KLA11696 OSI vulnerability in Microsoft products (ESU)

2019-08-0600:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

35.1%

JSON

Information disclosure vulnerability was found in Microsoft Extended Security Updates (Extended Security Update). Malicious users can exploit this vulnerability to obtain sensitive information.

Original advisories

CVE-2019-1125

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2019-1125 unknown

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Affected Products

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2012 R2Windows 10 for x64-based SystemsWindows 10 Version 1703 for 32-bit SystemsWindows Server 2008 for x64-based Systems Service Pack 2Windows 8.1 for x64-based systemsWindows 10 Version 1709 for 32-bit SystemsWindows RT 8.1Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2Windows 10 for 32-bit SystemsWindows Server 2012 (Server Core installation)Windows 8.1 for 32-bit systemsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows Server, version 1903 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows 10 Version 1903 for 32-bit SystemsWindows 7 for x64-based Systems Service Pack 1Windows 10 Version 1809 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows 7 for 32-bit Systems Service Pack 1Windows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows Server 2019Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows 10 Version 1709 for x64-based SystemsWindows 10 Version 1703 for x64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2016Windows 10 Version 1903 for x64-based Systems